From e5e88d16049f4527eaab6b066c731fbe4247b574 Mon Sep 17 00:00:00 2001 From: =Corey Hulen Date: Fri, 11 Sep 2015 09:39:28 -0700 Subject: Renaming ROLE_ADMIN to ROLE_TEAM_ADMIN --- api/channel.go | 6 +++--- api/context.go | 2 +- api/post.go | 2 +- api/team.go | 6 +++--- api/user.go | 14 +++++++------- api/user_test.go | 2 +- 6 files changed, 16 insertions(+), 16 deletions(-) (limited to 'api') diff --git a/api/channel.go b/api/channel.go index b40366719..63acaa8d1 100644 --- a/api/channel.go +++ b/api/channel.go @@ -191,7 +191,7 @@ func updateChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) { + if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("updateChannel", "You do not have the appropriate permissions", "") c.Err.StatusCode = http.StatusForbidden return @@ -514,7 +514,7 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) { + if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("deleteChannel", "You do not have the appropriate permissions", "") c.Err.StatusCode = http.StatusForbidden return @@ -756,7 +756,7 @@ func removeChannelMember(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_ADMIN) { + if !strings.Contains(channelMember.Roles, model.CHANNEL_ROLE_ADMIN) && !strings.Contains(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("updateChannel", "You do not have the appropriate permissions ", "") c.Err.StatusCode = http.StatusForbidden return diff --git a/api/context.go b/api/context.go index 1852ed4d6..8e5becda7 100644 --- a/api/context.go +++ b/api/context.go @@ -298,7 +298,7 @@ func (c *Context) IsTeamAdmin(userId string) bool { return false } else { user := uresult.Data.(*model.User) - return model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) && user.TeamId == c.Session.TeamId + return model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && user.TeamId == c.Session.TeamId } } diff --git a/api/post.go b/api/post.go index f969dd031..bd31e0210 100644 --- a/api/post.go +++ b/api/post.go @@ -716,7 +716,7 @@ func deletePost(c *Context, w http.ResponseWriter, r *http.Request) { return } - if post.UserId != c.Session.UserId && !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) { + if post.UserId != c.Session.UserId && !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("deletePost", "You do not have the appropriate permissions", "") c.Err.StatusCode = http.StatusForbidden return diff --git a/api/team.go b/api/team.go index 9288b86cb..8258fa929 100644 --- a/api/team.go +++ b/api/team.go @@ -477,7 +477,7 @@ func InviteMembers(c *Context, team *model.Team, user *model.User, invites []str sender := user.GetDisplayName() senderRole := "" - if model.IsInRole(user.Roles, model.ROLE_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) { + if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) || model.IsInRole(user.Roles, model.ROLE_SYSTEM_ADMIN) { senderRole = "administrator" } else { senderRole = "member" @@ -536,7 +536,7 @@ func updateTeamDisplayName(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) { + if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("updateTeamDisplayName", "You do not have the appropriate permissions", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return @@ -576,7 +576,7 @@ func updateValetFeature(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) { + if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) { c.Err = model.NewAppError("updateValetFeature", "You do not have the appropriate permissions", "userId="+c.Session.UserId) c.Err.StatusCode = http.StatusForbidden return diff --git a/api/user.go b/api/user.go index f32bbbe13..c87b89c7a 100644 --- a/api/user.go +++ b/api/user.go @@ -170,7 +170,7 @@ func CreateUser(c *Context, team *model.Team, user *model.User) *model.User { channelRole := "" if team.Email == user.Email { - user.Roles = model.ROLE_ADMIN + user.Roles = model.ROLE_TEAM_ADMIN channelRole = model.CHANNEL_ROLE_ADMIN } else { user.Roles = "" @@ -945,7 +945,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) && !c.IsSystemAdmin() { + if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() { c.Err = model.NewAppError("updateRoles", "You do not have the appropriate permissions", "userId="+user_id) c.Err.StatusCode = http.StatusForbidden return @@ -984,7 +984,7 @@ func UpdateRoles(c *Context, user *model.User, roles string) *model.User { // make sure there is at least 1 other active admin if !model.IsInRole(roles, model.ROLE_SYSTEM_ADMIN) { - if model.IsInRole(user.Roles, model.ROLE_ADMIN) && !model.IsInRole(roles, model.ROLE_ADMIN) { + if model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) && !model.IsInRole(roles, model.ROLE_TEAM_ADMIN) { if result := <-Srv.Store.User().GetProfiles(user.TeamId); result.Err != nil { c.Err = result.Err return nil @@ -992,7 +992,7 @@ func UpdateRoles(c *Context, user *model.User, roles string) *model.User { activeAdmins := -1 profileUsers := result.Data.(map[string]*model.User) for _, profileUser := range profileUsers { - if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_ADMIN) { + if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_TEAM_ADMIN) { activeAdmins = activeAdmins + 1 } } @@ -1042,14 +1042,14 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) { return } - if !model.IsInRole(c.Session.Roles, model.ROLE_ADMIN) && !c.IsSystemAdmin() { + if !model.IsInRole(c.Session.Roles, model.ROLE_TEAM_ADMIN) && !c.IsSystemAdmin() { c.Err = model.NewAppError("updateActive", "You do not have the appropriate permissions", "userId="+user_id) c.Err.StatusCode = http.StatusForbidden return } // make sure there is at least 1 other active admin - if !active && model.IsInRole(user.Roles, model.ROLE_ADMIN) { + if !active && model.IsInRole(user.Roles, model.ROLE_TEAM_ADMIN) { if result := <-Srv.Store.User().GetProfiles(user.TeamId); result.Err != nil { c.Err = result.Err return @@ -1057,7 +1057,7 @@ func updateActive(c *Context, w http.ResponseWriter, r *http.Request) { activeAdmins := -1 profileUsers := result.Data.(map[string]*model.User) for _, profileUser := range profileUsers { - if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_ADMIN) { + if profileUser.DeleteAt == 0 && model.IsInRole(profileUser.Roles, model.ROLE_TEAM_ADMIN) { activeAdmins = activeAdmins + 1 } } diff --git a/api/user_test.go b/api/user_test.go index 8c037fdf3..fe5a4a27f 100644 --- a/api/user_test.go +++ b/api/user_test.go @@ -509,7 +509,7 @@ func TestUserUpdate(t *testing.T) { user.TeamId = "12345678901234567890123456" user.LastActivityAt = time2 user.LastPingAt = time2 - user.Roles = model.ROLE_ADMIN + user.Roles = model.ROLE_TEAM_ADMIN user.LastPasswordUpdate = 123 if result, err := Client.UpdateUser(user); err != nil { -- cgit v1.2.3-1-g7c22 From 27e59c32f933e6b52a01a73b774e6b0ade0d1d4d Mon Sep 17 00:00:00 2001 From: JoramWilander Date: Fri, 11 Sep 2015 12:11:10 -0400 Subject: Set default Content-Type to application/json for all API requests --- api/context.go | 3 +++ 1 file changed, 3 insertions(+) (limited to 'api') diff --git a/api/context.go b/api/context.go index aaf304e2c..ac5dbc7ec 100644 --- a/api/context.go +++ b/api/context.go @@ -106,6 +106,9 @@ func (h handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { if !h.isApi { w.Header().Set("X-Frame-Options", "DENY") w.Header().Set("Content-Security-Policy", "frame-ancestors none") + } else { + // All api response bodies will be JSON formatted + w.Header().Set("Content-Type", "application/json") } sessionId := "" -- cgit v1.2.3-1-g7c22 From 7b3c2d6d85ecee86fbc85b440e7028018b1090b1 Mon Sep 17 00:00:00 2001 From: Christopher Speller Date: Mon, 14 Sep 2015 12:04:57 -0400 Subject: Allowing underscores in channel names. Added conversion of some slack channel names into valid mattermost names. --- api/slackimport.go | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'api') diff --git a/api/slackimport.go b/api/slackimport.go index 1d037a934..4e6c01dbb 100644 --- a/api/slackimport.go +++ b/api/slackimport.go @@ -50,6 +50,15 @@ func SlackConvertTimeStamp(ts string) int64 { return timeStamp * 1000 // Convert to milliseconds } +func SlackConvertChannelName(channelName string) string { + newName := strings.Trim(channelName, "_-") + if len(newName) == 1 { + return "slack-channel-" + newName + } + + return newName +} + func SlackParseChannels(data io.Reader) []SlackChannel { decoder := json.NewDecoder(data) @@ -172,7 +181,7 @@ func SlackAddChannels(teamId string, slackchannels []SlackChannel, posts map[str TeamId: teamId, Type: model.CHANNEL_OPEN, DisplayName: sChannel.Name, - Name: sChannel.Name, + Name: SlackConvertChannelName(sChannel.Name), Description: sChannel.Topic["value"], } mChannel := ImportChannel(&newChannel) -- cgit v1.2.3-1-g7c22 From 0654b0c06b516172a5d83759e2b781c9f37f854f Mon Sep 17 00:00:00 2001 From: JoramWilander Date: Mon, 14 Sep 2015 14:18:01 -0400 Subject: Blank Content-Type for file GETs. --- api/file.go | 1 + 1 file changed, 1 insertion(+) (limited to 'api') diff --git a/api/file.go b/api/file.go index 1d8244fac..692558acf 100644 --- a/api/file.go +++ b/api/file.go @@ -349,6 +349,7 @@ func getFile(c *Context, w http.ResponseWriter, r *http.Request) { w.Header().Set("Cache-Control", "max-age=2592000, public") w.Header().Set("Content-Length", strconv.Itoa(len(f))) + w.Header().Set("Content-Type", "") // need to provide proper Content-Type in the future w.Write(f) } -- cgit v1.2.3-1-g7c22